Methods and systems for protecting data may include controlling encryption and/or decryption and identifying a destination of corresponding encrypted and/or decrypted data, utilizing rules based on a source location of the data prior to the encryption or decryption and an algorithm that may have been previously utilized for encrypting and/or decrypting the data prior to the data being stored in the source location. The source location and/or destination of the data may comprise protected or unprotected memory. One or more of a plurality of algorithms may be utilized for the encryption and/or decryption. The rules may be stored in a key table, which may be stored on-chip, and may be reprogrammable. One or more keys for the encryption and/or decryption may be generated within the chip.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method comprising: storing a descriptor in a memory, wherein the descriptor comprises a first encryption/decryption algorithm and a key pointer identifying a key slot; storing the key slot in a key table, wherein the key slot comprises a second encryption/decryption algorithm and a key; encrypting or decrypting data using the first encryption/decryption algorithm, the second encryption/decryption algorithm, and the key.
2. The method of claim 1 , further comprising identifying a destination of the encrypted or decrypted data based on rules using a source address of the data and the first encryption/decryption algorithm.
3. The method of claim 2 , wherein the first encryption/decryption algorithm is an algorithm that was used previously to encrypt/decrypt the data.
4. The method of claim 2 , wherein the source address is stored in unprotected memory.
5. The method of claim 2 , wherein the rues are stored in the key table.
6. The method of claim 5 , wherein the key table is reprogrammable.
7. The method of claim 1 , wherein the key is generated by a chip that stores the key table.
8. A non-transitory computer readable medium storing instructions wherein the instructions when executed are configured to perform a method, wherein the method comprises: storing a descriptor in a memory, wherein the descriptor comprises a first encryption/decryption algorithm and a key pointer identifying a key slot; storing the key slot in a key table, wherein the key slot comprises a second encryption/decryption algorithm and a key; encrypting or decrypting data using the first encryption/decryption algorithm, the second encryption/decryption algorithm, and the key.
9. The non-transitory computer readable medium of claim 8 , further comprising identifying a destination of the encrypted or decrypted data based on rules using a source address of the data and the first encryption/decryption algorithm.
10. The non-transitory computer readable medium of claim 9 , wherein the first encryption/decryption algorithm is an algorithm that was used previously to encrypt/decrypt the data.
11. The non-transitory computer readable medium of claim 9 , wherein the source address is stored in unprotected memory.
12. The non-transitory computer readable medium of claim 9 , wherein the rules are stored in the key table.
13. The non-transitory computer readable medium of claim 12 , wherein the key table is reprogrammable.
14. The non-transitory computer readable medium of claim 8 , wherein the key is generated by a chip that stores the key table.
15. A system for data communication, comprising: a memory configured to store a descriptor; a chip storing a key table configured to store a key slot connected to the memory; a security logic block, connected to both the memory and the key table, configured to select a final encryption/decryption algorithm; and an encryption/decryption block, connected to the security logic block, the memory, and the key table, configured to generate an output data by encrypting/decrypting, an input data using the final encryption/decryption algorithm; wherein: the descriptor includes a first encryption/decryption algorithm and a key pointer; and the key slot includes a second encryption/decryption, algorithm and a key.
16. The system of claim 15 , wherein the encryption/decryption block is further configured to identify a destination of the encrypted or decrypted input data based on rules using a source address of the input data and the first encryption/decryption algorithm.
17. The system of claim 16 , wherein the first encryption/decryption algorithm is an algorithm that was used previously to encrypt/decrypt the input data.
18. The system of claim 16 , wherein the rules are stored in the key table.
19. The system of claim 18 , wherein the key table is reprogrammable.
20. The system of claim 15 , wherein the chip generated the key.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
September 16, 2013
December 16, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.